Update command

Update Command

The update command downloads and installs a new version of SignotaurTool from the Signotaur server. It supports two update mode to suit various deployment scenarios and can retry automatically on failure.

Usage

SignotaurTool.exe update [options]

The update command does not take file parameters. It operates on the tool itself, connecting to a Signotaur server to check and apply updates.

Options

  • -s, --sign-server <URL>
    Required. Specifies the URL of the Signotaur server to update from.

  • --allow-untrusted
    Allow updates from a Signotaur server that uses an untrusted or invalid TLS/SSL certificate. Use with caution, as it bypasses certificate validation.

  • --retries-on-failure <Count>
    Number of times to retry the update if it fails. This can help in cases of transient network or server issues.

  • --update-mode <Mode>
    Specifies the update strategy. Possible values:

    • Version: Always update to every new published version.
    • SourceHash (default): Only update if the hash of the source code differs from the currently installed version, ensuring updates only when the underlying source changes.

  • --encoding <Encoding>
    Specifies the output encoding. Set to one of UTF8, UTF16, OEMCodePage or CodePage### where ### is the number of the code page to use. Defaults to UTF8.

  • -v, --verbose
    Enables verbose logging for the signing operation, providing detailed output of the signing process, which can be useful for debugging.

  • --nb, --no-banner
    Hides the banner in the output, which may be useful for scripting or logging purposes where you want a clean output.

  • --help
    Displays help information and usage instructions for this command.

Examples

  1. Update using the default mode (SourceHash):

    SignotaurTool.exe update --sign-server https://signotaur.example.com

  2. Always update to every new version:

    SignotaurTool.exe update --sign-server https://signotaur.example.com --update-mode Version

  3. Retry the update up to 3 times if it fails:

    SignotaurTool.exe update --sign-server https://signotaur.example.com --retries-on-failure 3

  4. Allow updates from a server with an untrusted certificate (for testing):

    SignotaurTool.exe update --sign-server https://dev-signotaur.local --allow-untrusted

Exit Codes

The update command returns standard process exit codes to indicate the outcome:

  • 0 (Success): The update completed successfully or no update was needed.
  • 1 (Failure): A non-recoverable error occurred during the update process.
  • 2 (Aborted): The update was aborted by the user or due to a fatal condition such as repeated download failures.
  • 53 (NoUpdate): No update available.

Typically, a more specific message is displayed before an error exit code is returned.